(Feb 26, 2015)
Australian Privacy Commissioner Timothy Pilgrim may “launch an investigation into the hacking of Gemalto SIM cards” amidst reports the U.S. National Security Agency and the UK Government Communications Headquarters infiltrated and stole the encryption keys of the world's largest SIM card manufacturer. Experts have said the actions leave “potentially millions of Australians open to having their phone conversations or text messages monitored,” The Sydney Morning Herald reports. Meanwhile, ZDNet re...
Read More

(Feb 26, 2015)
New Zealand’s Office of the Privacy Commissioner (OPC) examines the process of updating the Asia-Pacific Economic Cooperation (APEC) Privacy Framework. APEC’s goal is to update the framework “in time to mark the 10th anniversary of the framework’s adoption in 2005,” the OPC’s Blair Stewart writes in a blog post. Stewart notes APEC’s Electronic Commerce Steering Group (ECSG) has “endorsed an ECSG Data Privacy Subgroup plan to concentrate on updating the framework in six priority areas.” Among tho...
Read More

(Feb 26, 2015)
The age-old dichotomy between privacy lawyers and engineers can often be a difficult hurdle to overcome. Last year, Profs. Peter Swire, CIPP/US, and Annie Antón discussed why engineers and lawyers need to get along. An essential part of making the connection between both disciplines, writes Security Specialist Ian Oliver, in this first in a series of posts for Privacy Tech, is by creating a grounded semantics through which lawyers and technicians can speak. One solid place to start, he writes, is grounding it in the term "personally identifiable information."
Read More

(Feb 26, 2015)
U.S.-based First Data began its effort to win approval for its binding corporate rules (BCRs) in 2007, back when the process was young and still evolving. This month, the UK Information Commissioner's Office (ICO) officially recognized the multinational payment solutions company's BCRs for data processors. Now able to boast that it's been approved for both processors and controllers, First Data is also the first company to have done so under the purview of the ICO. First Data CPO John Atkins, Chief Compliance Officer Carmen Menendez-Puerto and Chief Control Officer Cindy Armine-Klein discuss the process with Angelique Carson, CIPP/US, in this exclusive for The Privacy Advisor.
Read More

(Feb 25, 2015)
For the second year in a row, the IAPP is joining forces with the Cloud Security Alliance to provide a powerhouse conference that combines the CSA’s Congress and the IAPP’s Privacy Academy: Privacy. Security. Risk. 2015, and the call for speakers for the conference is now open. We’re looking for speaking proposals that are interactive, practical and hands-on. If you have the know-how to run a workshop-style session that includes case studies, exercises, real-life scenarios and all things how-to, then we want you. The deadline for paper submissions is March 13.
Read More

(Feb 25, 2015)
Reddit has announced new changes to its privacy policy to help curb so-called revenge porn posts, The Washington Post reports. Moving forward, the posting of images or videos of individuals “in a state of nudity or engaged in any act of sexual conduct” will require prior consent from the individuals in the images. “We also recognize that violent personalized images are a form of harassment that we do not tolerate, and we will remove them when notified,” team Reddit wrote. Meanwhile, Craig Britta...
Read More

(Feb 24, 2015)
In a Q&A for Reddit, Oscar-winning documentarian Laura Poitras, journalist Glenn Greenwald and whistleblower Edward Snowden—from his secret location in Russia—discussed Citizenfour, reporting on the government and facing those in power. Greenwald said the “Snowden revelation” that was most shocking to him was that “the explicit goal of the NSA and its allies is captured by the slogan ‘collect it all’—meaning they want to convert the Internet into a place of limitless, mass ...
Read More

(Feb 24, 2015)
Technological advances “are making it easier than ever to measure, interpret and even reconstruct brain activity,” while the proliferation of wearables is creating “more ways to map our brainwaves than ever before,” and that means more opportunities for companies to mine that data, Gizmodo reports. This presents an interesting question: Who owns brain data? Neuro-Ethicist Paul Roote Wolp recently stressed the importance of setting up ground rules to protect cognitive privacy. For example, functional magnetic resonance imaging (fMRI) is beginning to be used for lie detection, the report states, and “it’s not unreasonable to expect police and other actors to use cognitive data in the future” to determine innocence or guilt.
Read More

(Feb 24, 2015)
VentureBeat reports on one company that is flying small drones over the San Fernando Valley in Los Angeles, CA, in order to determine cell-phone locations for targeted advertising. The small, unmanned aerial vehicles apparently are determining cell-phone location by “WiFi and cellular transmission signals.” The move is part of an experiment by Singapore-based location-marketing firm Adnear. Smriti Kataria, Adnear’s director of marketing and research, said the devices do not collect conversations or personally identifiable information but rather use cell-phone triangulation and signal strength to determine location. According to the report, “A mobile user needs to have an app open that is transmitting via cellular or WiFi for this mapping to occur.”
Read More

(Feb 24, 2015)
In a translated post for Medium, Dimitri Tokmetzis discusses an experiment conducted with designer Yuri Veerman called Koppie Koppie. The online store sells mugs with photos of children Tokmetzis and Veerman legally collected off Flickr. They put the images on coffee mugs and then sell them in their store, Koppie Koppie. “Aren’t we violating the privacy of these children and their families by commercializing these intimate family moments?” Tokmetzis asks, adding, “We share your concern.” He describes three ways people’s privacy is being violated by their commercial venture, including the lack of user control over personal information, lack of confidentiality and lack of privacy in context.
Read More

The IAPP is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.Learn more

The IAPP is the only place you’ll find a comprehensive body of resources, knowledge and experts to help you navigate the complex landscape of today’s data-driven world. We offer individual, corporate and group memberships, and all members have access to an extensive array of benefits.